Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
File:                     QnbajwSHyFCAm0qYcoysIXKycD0.mft (raw, json)
Hash identifier:          BsMkjVuEjFk3TMC9ZDlWDagRfSYEr+5GXp7nNcXDa34=
Subject key identifier:   FD:D1:6A:AF:C7:02:FC:4E:BC:A3:EF:E0:C5:9B:31:C3:15:B5:C2:C4
Authority key identifier: 42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D
Certificate issuer:       /CN=4276da8f0487c850809b4a98728cac2172b2703d
Certificate serial:       0199FBEBC404BF446F8A280E75D8AECFE91C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:02:36 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:36 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:36 +0000
Files and hashes:         1: QnbajwSHyFCAm0qYcoysIXKycD0.crl (hash: b0grmIH0WqRIKFi5EwNGy5etFnu9IT0X3DNaQOfMLgM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:c4:04:bf:44:6f:8a:28:0e:75:d8:ae:cf:e9:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4276da8f0487c850809b4a98728cac2172b2703d
        Validity
            Not Before: Oct 19 10:02:36 2025 GMT
            Not After : Oct 20 10:02:36 2025 GMT
        Subject: CN=fdd16aafc702fc4ebca3efe0c59b31c315b5c2c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:57:d9:28:05:ec:e5:dc:a6:01:dc:e5:82:ef:
                    81:80:3d:11:79:41:a4:55:a8:39:dd:14:82:08:45:
                    80:4c:e2:fa:58:e3:42:64:6e:59:6b:02:d7:bd:9f:
                    cc:45:9b:f9:f1:67:d1:8c:3c:c7:56:61:74:4c:ec:
                    af:4c:e2:13:90:50:88:ba:71:ed:9e:33:bc:b1:59:
                    4e:9f:94:17:32:d8:75:12:2e:4d:ad:bc:ef:7f:f1:
                    3a:73:33:ce:4e:6f:0e:45:53:4e:6e:31:c6:9c:a4:
                    0f:10:53:02:4e:fa:51:c9:48:8b:ae:10:34:f5:b2:
                    f3:2b:20:b6:d6:b7:33:d4:13:bc:ec:7d:94:d1:bb:
                    f7:ca:04:a6:d6:f9:6e:c7:a5:08:6b:b0:87:47:69:
                    8c:d6:d4:f9:0d:89:e9:b1:aa:f2:2c:29:9e:63:50:
                    20:f2:a4:e0:92:f1:90:76:29:80:ad:06:d5:96:8d:
                    1c:a8:ce:3c:06:d4:9e:05:eb:3b:4f:c5:b1:8d:6e:
                    88:be:45:ef:7a:e8:e9:1f:25:bf:bf:04:31:a8:d5:
                    ff:15:fd:34:76:19:bd:80:20:78:9e:79:b6:d0:ba:
                    8d:f3:7c:5e:20:a4:af:9d:b1:5d:83:2c:63:15:f5:
                    c7:f4:af:c1:77:92:7b:1e:21:21:98:db:9c:a8:9e:
                    18:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:D1:6A:AF:C7:02:FC:4E:BC:A3:EF:E0:C5:9B:31:C3:15:B5:C2:C4
            X509v3 Authority Key Identifier:
                keyid:42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:c5:b0:2d:a3:ad:7f:f5:c1:2f:06:d9:6f:63:97:96:90:6a:
         4c:e2:fc:47:ba:61:3f:8a:98:04:4d:0b:ec:b6:7b:a2:ec:66:
         a0:a8:5f:d4:47:3d:57:c1:06:1a:f8:c1:d3:d5:18:b4:e8:f7:
         43:65:9e:0c:40:86:07:28:86:2a:dd:0b:dc:da:1f:ab:ae:d9:
         1f:c6:32:59:b9:cf:f6:a6:20:ef:b6:69:04:91:fe:41:3a:88:
         b4:b5:50:a3:01:0e:3b:06:b5:0d:9c:b8:dd:9b:ff:30:25:7d:
         53:77:20:6d:21:74:04:aa:7e:93:e8:64:15:ba:ca:0c:85:d4:
         03:50:0e:b7:91:b4:70:cf:63:1b:d8:31:d3:6a:1f:0f:b7:46:
         3e:3a:21:14:16:1c:b1:ed:f4:dc:53:fc:43:8b:06:69:ff:13:
         08:e6:59:30:45:97:69:eb:a7:73:f6:30:e3:e9:1e:f3:69:36:
         97:0c:df:50:ac:89:ce:57:ab:c2:f2:95:2a:6d:f3:b0:6e:90:
         40:ef:a7:15:7c:c3:cb:87:03:1f:02:26:c9:cf:ca:b3:60:ec:
         a2:30:cc:98:76:56:3a:fa:b8:b0:4e:eb:e5:d5:f6:89:6f:0d:
         9b:cf:53:0e:3f:f6:55:f0:87:8c:a7:ac:e5:84:e8:ee:0b:ff:
         26:5f:c0:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768QEv0RviigOddiuz+kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNzZkYThmMDQ4N2M4NTA4MDliNGE5ODcyOGNhYzIxNzJi
MjcwM2QwHhcNMjUxMDE5MTAwMjM2WhcNMjUxMDIwMTAwMjM2WjAzMTEwLwYDVQQD
EyhmZGQxNmFhZmM3MDJmYzRlYmNhM2VmZTBjNTliMzFjMzE1YjVjMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFfZKAXs5dymAdzlgu+BgD0ReUGk
Vag53RSCCEWATOL6WONCZG5ZawLXvZ/MRZv58WfRjDzHVmF0TOyvTOITkFCIunHt
njO8sVlOn5QXMth1Ei5Nrbzvf/E6czPOTm8ORVNObjHGnKQPEFMCTvpRyUiLrhA0
9bLzKyC21rcz1BO87H2U0bv3ygSm1vlux6UIa7CHR2mM1tT5DYnpsaryLCmeY1Ag
8qTgkvGQdimArQbVlo0cqM48BtSeBes7T8WxjW6IvkXveujpHyW/vwQxqNX/Ff00
dhm9gCB4nnm20LqN83xeIKSvnbFdgyxjFfXH9K/Bd5J7HiEhmNucqJ4Y3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3Raq/HAvxOvKPv4MWbMcMVtcLEMB8GA1UdIwQY
MBaAFEJ22o8Eh8hQgJtKmHKMrCFysnA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEt
YmE5YjBmYTFiN2EyLzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEtYmE5YjBmYTFiN2Ey
LzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsWwLaOt
f/XBLwbZb2OXlpBqTOL8R7phP4qYBE0L7LZ7ouxmoKhf1Ec9V8EGGvjB09UYtOj3
Q2WeDECGByiGKt0L3Nofq67ZH8YyWbnP9qYg77ZpBJH+QTqItLVQowEOOwa1DZy4
3Zv/MCV9U3cgbSF0BKp+k+hkFbrKDIXUA1AOt5G0cM9jG9gx02ofD7dGPjohFBYc
se303FP8Q4sGaf8TCOZZMEWXaeunc/Yw4+ke82k2lwzfUKyJzlerwvKVKm3zsG6Q
QO+nFXzDy4cDHwImyc/Ks2DsojDMmHZWOvq4sE7r5dX2iW8Nm89TDj/2VfCHjKes
5YTo7gv/Jl/AMg==
-----END CERTIFICATE-----